Quantum Computing Requirements for Integer Factoring

Controller-decoder system requirements derived by implementing Shor's algorithm with surface code https://lnkd.in/eQVip5N8 Quantum Error Correction (QEC) is widely regarded as the most promising path towards quantum advantage, with significant advances in QEC codes, decoding algorithms, and physical implementations. The success of QEC relies on achieving quantum gate fidelities below the error threshold of the QEC code, while accurately decoding errors through classical processing of the QEC stabilizer measurements. In this paper, we uncover the critical system-level requirements from a controller-decoder system (CDS) necessary to successfully execute the next milestone in QEC, a non-Clifford circuit. Using a representative non-Clifford circuit, of Shor factorization algorithm for the number 21, we convert the logical-level circuit to a QEC surface code circuit and finally to the physical level circuit. By taking into account all realistic implementation aspects using typical superconducting qubit processor parameters, we reveal a broad range of core requirements from any CDS aimed at performing error corrected quantum computation. Our findings indicate that the controller-decoder closed-loop latency must remain within tens of microseconds, achievable through parallelizing decoding tasks and ensuring fast communication between decoders and the controller. Additionally, by extending existing simulation techniques, we simulate the complete fault-tolerant factorization circuit at the physical level, demonstrating that near-term hardware performance, such as a physical error rate of 0.1% and 1000 qubits, are sufficient for the successful execution of the circuit. These results are general to any non-Clifford QEC circuit of the same scale, providing a comprehensive overview of the classical components necessary for the experimental realization of non-Clifford circuits with QEC.

A recent paper demonstrates how to run Shor's algorithm using considerably fewer quantum gates. Using the new approach, factoring a 2048-bit RSA key might require about 100k gates instead of approximately 4 million. Despite this aggressive improvement, we may not need to panic just yet. There is rarely a free lunch in algorithm design, and this is no exception. One of the trade-offs made in this paper is an increase in the number of qubits required to implement the algorithm. As the authors acknowledge: "... an improvement in the number of gates does not necessarily translate into an improved practical implementation. Indeed, in most architectures currently being considered by industry, the space (or number of qubits) plays an important role.... It therefore remains to be seen whether the algorithm can lead to improved physical implementations in practice." Papers like this (see link below) are one of the reasons experts struggle to predict when quantum computers will break modern cryptography. The landscape is always shifting, with both the computers and the algorithms improving every year. Each bright idea potentially brings "Q Day" closer. -- ℹ️ Over 150 cyber professionals read my new weekly newsletter. Sign up using the link in the first comment 👇 #cybersecurity #cryptography #pqc #quantumcomputing #encryption

Here’s a crypto post -- but not the kind that involves a ledger. A new paper from Craig Gidney at Google has sharpened the picture around a major research question in cryptography: how hard is it really to break RSA with a quantum computer? A 2019 paper by Gidney & Ekerå showed that a 2048-bit RSA key could be factored with ~20 million noisy qubits, running in about 8 hours. Gidney’s latest estimate cuts that requirement by an order of magnitude: fewer than one million qubits, and a runtime of less than a week. The improvement comes from trading space for time and deploying clever techniques like: * Approximate residue arithmetic, which compresses modular exponentiation by discarding unneeded precision * Magic state cultivation, which reduces overhead in fault-tolerant gate operations * Compact surface code layouts, which store qubits more efficiently while keeping errors in check The intuition is subtle but powerful: to extract the period associated with modular exponentiation (a key step Shor’s algorithm), you don’t need a perfect answer—just enough clean signal, handled carefully enough to preserve the interference pattern you're looking for. (Shor's algorithm uses quantum parallelism to create a periodic signal, and then uses (Quantum) Fourier analysis -- via the (Quantum) Fourier Transform -- to determine the period, which effectively turns factoring into a signal-processing problem.). So, what are the implications? First, it's not time to panic (yet). Today’s quantum hardware handles ~100 qubits, all noisy and none fault-tolerant. So, we still need to improve current quantum computing hardware by a factor of at least 10,000. However, progress will continue to be made, and that progress can be non-linear. More concretely, this paper narrows the gap between theoretical risk and engineering feasibility. The requirements for breaking RSA are concrete. For governments and organizations still relying on cryptosystems like RSA whose security is related to the complexity of factoring large integers, the message is clear: the sky isn’t falling, but the clouds are moving. Migrating between cryptographic algorithms is a slow, fragile, and complicated process. There is no switch one can flip to transition between traditional algorithms and those that considered quantum safe. And yes, I lied in the first line: if someone builds a quantum computer at this scale, Bitcoin and other cryptocurrencies would likely be among the first targets... 📄 Paper: https://lnkd.in/gGY3JRgw #quantumcomputing #cryptography #postquantum #RSA #security

Recent advancements in quantum computing have significantly reduced the estimates for resources required to break RSA-2048 encryption. A 2025 study by Craig Gidney indicates that factoring a 2048-bit RSA integer could now be achieved in under a week using fewer than one million noisy qubits. This marks a substantial decrease from the previous estimate of 20 million qubits proposed in 2019. This massive reduction can be attributed to algorithmic optimizations and more efficient quantum circuit designs. As quantum hardware continues to advance the feasibility of breaking current encryption standards becomes increasingly plausible. We're quicly closing the gap between theory and reality. The convergence of these software and hardware breakthroughs suggests that a mid-2030s "Q-Day” (the date when quantum computers can compromise existing encryption methods). This is no longer just a theoretical concern but an impending reality. It’s the modern equivalent of Y2K. In the meantime, attackers are harvesting our data just waiting for the day quantum computers of sufficient capability arrive. The urgency for post-quantum cryptography is clear. Organizations must prioritize transitioning to quantum-resistant cryptographic standards to safeguard sensitive data against future quantum threats. https://lnkd.in/gY9uTA9g

The implications of the latest research by Craig Gidney from Google on factoring RSA-2048 are profound (https://lnkd.in/g8mKeqRh). This paper, titled "How to factor 2048 bit RSA integers with less than a million noisy qubits" suggests a pathway to breaking this widely used encryption with under a million noisy qubits, potentially within a week! The finding is a dramatic reduction from previous estimates of 20 million qubits! This shifts the conversation dramatically: Reduced Quantum Threat Threshold: The barrier for quantum computers to compromise RSA-2048 has significantly lowered, bringing the threat horizon much closer. Increased Urgency for Post-Quantum Cryptography (PQC): The timeline for potential RSA compromise may be accelerating. The need to identify, standardize, and implement robust PQC solutions is now more critical than ever. Algorithmic and Architectural Advances: This breakthrough underscores the power of clever algorithms and efficient quantum architectures in tackling complex cryptographic challenges. The path to quantum advantage is being actively researched. The Question Has Changed: We're no longer just asking if a quantum computer will break RSA-2048, but when and through which path of algorithmic and hardware development. This research offers a potential answer to the latter, making the former seem increasingly inevitable. For those of us in cybersecurity, especially in highly regulated sectors like finance, this isn't a theoretical discussion anymore. It's a call to action to understand, prepare for, and actively transition to a post-quantum future. Let's connect and discuss how we can collectively navigate this evolving landscape.

Google’s quantum researcher Craig Gidney has significantly reduced the estimated quantum resources needed to break RSA-2048 encryption. In his latest paper, he outlines a method to factor a 2048-bit RSA key using fewer than one million noisy qubits, a substantial decrease from the previous estimate of 20 million qubits in 2019. While the runtime for factoring RSA-2048 has increased to less than a week compared to the previous estimate of eight hours, the dramatic reduction in qubit requirements makes the prospect of breaking RSA Security’s encryption more feasible as quantum hardware advance. Gidney emphasizes the urgency for transitioning to quantum-resistant cryptographic systems. He suggests deprecating vulnerable systems after 2030 and disallowing them entirely by 2035 to mitigate potential security risk. This development underscores the accelerating progress in quantum computing and its potential to compromise current cryptographic standards. Organizations and governments are advised to proactively adopt post-quantum cryptography to safeguard sensitive information against future quantum threats. Read all about it here : https://lnkd.in/geyPiYE4 #QuantumComputing #CyberSecurity #PostQuantum #RSA2048 #GoogleAI #AI #Cryptography #encryption #RSA

🔐 Breaking RSA with ~1M physical qubits? That’s the breakthrough outlined in a recent paper by Craig Gidney at Google: 📄 https://lnkd.in/dQZuNaHt The work proposes optimized circuit constructions and error correction layouts that reduce the qubit requirements for factoring RSA-2048 from ~20 million (2019 estimates) to just 1 million physical qubits—a 20× improvement. This dramatically shifts the horizon for practical quantum attacks on today’s cryptographic standards. ⚠️ If validated, these results substantially accelerate the urgency for quantum readiness—not in theory, but in practice. At BlueQubit, we're focused on developing quantum software solutions that help enterprises and defense organizations prepare for and transition to the post-quantum era. That means tools for identifying cryptographic risk, supporting hybrid classical-quantum architectures, and integrating quantum solutions into existing workflows. 🚀 Algorithmic advances like this reshape timelines, risk models, and strategic priorities. For sectors with long data retention or sensitive infrastructure, now is the time to take quantum threats seriously—and plan accordingly. 🛡️ #QuantumComputing #PostQuantumCryptography #Cybersecurity #QuantumReadiness #BlueQubit #ShorAlgorithm #PQCTools #EnterpriseSecurity #DefenseTech

𝗠𝗮𝘀𝘀𝗶𝘃𝗲 𝗣𝗿𝗼𝗴𝗿𝗲𝘀𝘀 𝗶𝗻 𝗤𝘂𝗮𝗻𝘁𝘂𝗺 𝗘𝗿𝗿𝗼𝗿 𝗖𝗼𝗿𝗿𝗲𝗰𝘁𝗶𝗼𝗻: 𝗧𝗮𝗰𝗸𝗹𝗶𝗻𝗴 𝗤𝗘𝗖 𝗼𝘃𝗲𝗿𝗵𝗲𝗮𝗱 In just the last 10 days, quantum error correction (#QEC) has taken a major leap forward, bringing fault-tolerant quantum computing (#FTQC) closer than ever. When it became accepted in 2023-2024 that FTQC was the only path for large-impact quantum computing, we also accepted that the machines would be bigger. A LOT BIGGER. This is because QEC has traditionally introduced significant overhead. However, last week was full of good news: recent advancements show how quickly QEC overhead can be reduced, making large-scale quantum systems more practical and accessible. Here are two announcements worth looking at and an insight to take into account: 𝗙𝗿𝗼𝗺 𝟮𝟬 𝗠𝗶𝗹𝗹𝗶𝗼𝗻 𝘁𝗼 𝗟𝗲𝘀𝘀 𝗧𝗵𝗮𝗻 𝟭 𝗠𝗶𝗹𝗹𝗶𝗼𝗻 𝗤𝘂𝗯𝗶𝘁𝘀: In 𝟮𝟬𝟮𝟯, Google projected that 𝟮𝟬 𝗺𝗶𝗹𝗹𝗶𝗼𝗻 𝗾𝘂𝗯𝗶𝘁𝘀 would be required for fault tolerance in 𝟮𝟬𝟰𝟴-𝗯𝗶𝘁 𝗥𝗦𝗔 𝗳𝗮𝗰𝘁𝗼𝗿𝗶𝗻𝗴. Now, thanks to improved QEC techniques, this requirement has 𝗱𝗿𝗼𝗽𝗽𝗲𝗱 𝘁𝗼 𝘂𝗻𝗱𝗲𝗿 𝟭 𝗺𝗶𝗹𝗹𝗶𝗼𝗻 𝗾𝘂𝗯𝗶𝘁𝘀 ! 𝗤𝘂𝗘𝗿𝗮'𝘀 𝗡𝗲𝘂𝘁𝗿𝗮𝗹 𝗔𝘁𝗼𝗺 𝗔𝗿𝗿𝗮𝘆 𝗣𝗮𝗽𝗲𝗿: QuEra Computing Inc.’s work shows how neutral atom arrays can 𝗿𝗲𝗱𝘂𝗰𝗲 𝗼𝘃𝗲𝗿𝗵𝗲𝗮𝗱 𝗶𝗻 𝗤𝗘𝗖, completing 𝗥𝗦𝗔 𝗳𝗮𝗰𝘁𝗼𝗿𝗶𝗻𝗴 𝗶𝗻 𝗷𝘂𝘀𝘁 ���.𝟲 𝗱𝗮𝘆𝘀 𝘄𝗶𝘁𝗵 𝟭𝟵 𝗺𝗶𝗹𝗹𝗶𝗼𝗻 𝗾𝘂𝗯𝗶𝘁𝘀. This represents a remarkable reduction from previous estimates. 𝗦𝗵𝗼𝗿'𝘀 𝗔𝗹𝗴𝗼𝗿𝗶𝘁𝗵𝗺 𝗮𝘀 𝘁𝗵𝗲 𝗕𝗲𝗻𝗰𝗵𝗺𝗮𝗿𝗸: With these advances, Shor's algorithm is fast becoming a de facto benchmark for testing the true capabilities of quantum error correction. As we reduce the qubit overhead and increase error correction efficiency, Shor’s algorithm provides a clear metric for measuring progress toward fault tolerance in quantum systems. The progress in QEC over the last 10 days is mind-blowing. By reducing the overhead required for error correction, we are accelerating the path to practical, fault-tolerant quantum systems. The rapid pace of innovation promises that FTQC is no longer a distant dream: it's becoming increasingly achievable. #QuantumComputing #QuantumErrorCorrection #FTQC #ShorsAlgorithm #QuEra #Google #TechAdvancements #QuantumTech